On 2017-02-17 (11:28 MST), Robert L Mathews <lists@tigertech.com> wrote:
ssl_cert = </etc/ssl/sebode-online.de/chain.pem ssl_key = </etc/ssl/sebode-online.de/key.pem
ssl_cert = </usr/local/etc/dehydrated/certs/[domain]/fullchain.pem ssl_key = </usr/local/etc/dehydrated/certs/[domain]/privkey.pem
Seems to work just fine for me.
You're also manually specifying these non-default parameters:
ssl_cipher_list = ... ssl_prefer_server_ciphers = yes ssl_protocols = !SSLv2 !SSLv3
For testing, I would simplify. Does it work without any of those three things set?
ssl_protocols = !SSLv2 !SSLv3
is a sensible setting (and should be the default) a no one should still be supporting SSLv2 or SSLv3. I do not have the other settings.
-- Apple broke AppleScripting signatures in Mail.app, so no random signatures.